How to access current values from a Chef data bag?

8
votes

I have a server managed by Chef. I need to access some values that live in a cookbook data bag from scripts not run by Chef.

/* Chef REST API allows to access data bag values as seen by Chef server. This is not what I want. Each chef-client run may introduce a number of coordinated changes, including changes in the data bag. If data on the server had already changed but chef-client did not run locally yet, local setup and server-side data bag may be out of sync. */

I see two solutions:

  • Parse/import the data bag file under /var/cache/chef/cookbooks/<book-name> since it's more or less normal Ruby.
  • Inside a recipe, dump relevant data from the data bag into a plain file accessible from my scripts.

Are there better options?

1
chef-infra
Is there a reason why you can't do what you want in a Chef recipe? - Jordan Dea-Mattson
@Jordan: no; this can be done from a recipe since is seems to be the only easy option. That's what the accepted answer proposes. - 9000

1 Answers

7
votes

Dumping data from the node hash or data bags into a separate file is a good way of communicating between the Chef server and scripts running on a node. If your script can parse JSON then it's really easy:

file "/etc/script.json" do
  owner "root"
  group "root"
  mode 0644
  content node[:whatever].to_json
 end

Using the Chef REST interface sounds like overkill, and groping around in /var/cache/chef is just rude. (-: